cisco chapter 5 cybersecurity Essential answer (BOLD font is answer )

Skip to main content

     

Question text

Identify three situations in which the hashing function can be applied. (Choose three.)

Select one or more:

IPsec

PPoE

PKI

DES

CHAP

WPA

Feedback

Refer to curriculum topic: 5.1.1
Three situations where a hash function could be used are as follows:

• When IPsec is being used
• When routing authentication is enabled
• In challenge responses within protocols such as PPP CHAP
• Within digitally signed contracts and PKI certificates

The correct answers are: IPsec, CHAP, PKI

Question 2

Incorrect

Mark 0.00 out of 2.00

Flag question

Question text

What are three type of attacks that are preventable through the use of salting? (Choose three.)

Select one or more:

reverse lookup tables

shoulder surfing

guessing

social engineering

rainbow tables

phishing

lookup tables

Feedback

Refer to curriculum topic: 5.1.2
Salting makes precomputed tables ineffective because of the random string that is used.

The correct answers are: lookup tables, reverse lookup tables, rainbow tables

Question 3

Correct

Mark 2.00 out of 2.00

Flag question

Question text

Alice and Bob use the same password to login into the company network. This means both would have the exact same hash for their passwords. What could be implemented to prevent both password hashes from being the same?

Select one:

pseudo-random generator

RSA

peppering

salting

Feedback

Refer to curriculum topic: 5.1.2
A password is stored as a combination of both a hash and a salt.

The correct answer is: salting

Question 4

Correct

Mark 2.00 out of 2.00

Flag question

Question text

What is the step by step process for creating a digital signature?

Select one:

Create a message; encrypt the message with a MD5 hash; and send the bundle with a public key.

Create a SHA-1 hash; encrypt the hash with the private key of the sender; and bundle the message, encrypted hash, and public key together to signed document.

Create a message digest; encrypt the digest with the public key of the sender; and bundle the message, encrypted digest, and public key together to sign the document.

Create a message digest; encrypt the digest with the private key of the sender; and bundle the message, encrypted digest, and public key together in order to sign the document.

Feedback

Refer to curriculum topic: 5.2.2
In order to create a digital signature, the following steps must be taken:

1. The message and message digest are created.
2. The digest and private key are encrypted.
3. The message, encrypted message digest, and public key are bundled to create the signed document.

The correct answer is: Create a message digest; encrypt the digest with the private key of the sender; and bundle the message, encrypted digest, and public key together in order to sign the document.

Question 5

Correct

Mark 2.00 out of 2.00

Flag question

Question text

Which method tries all possible passwords until a match is found?

Select one:

dictionary

cloud

rainbow tables

cryptographic

brute force

birthday

Feedback

Refer to curriculum topic: 5.1.1
Two common methods of cracking hashes are dictionary and brute force. Given time, the brute force method will always crack a password.

The correct answer is: brute force

Question 6

Correct

Mark 2.00 out of 2.00

Flag question

Question text

A user is connecting to an e-commerce server to buy some widgets for a company. The user connects to the site and notices there is no lock in the browser security status bar. The site does prompt for a username and password and the user is able to log in. What is the danger in proceeding with this transaction?

Select one:

The site is not using a digital certificate to secure the transaction, with the result that everything is in the clear.

The user is using the wrong browser to perform the transaction.

Ad blocker software is preventing the security bar from working properly, and thus there is no danger with the transaction.

The certificate from the site has expired, but is still secure.

Feedback

Refer to curriculum topic: 5.3.1
The lock in the browser window ensures a secure connection is being established and is not blocked by browser add-ons.

The correct answer is: The site is not using a digital certificate to secure the transaction, with the result that everything is in the clear.

Question 7

Correct

Mark 2.00 out of 2.00

Flag question

Question text

What are three validation criteria used for a validation rule? (Choose three.)

Select one or more:

format

encryption

key

size

type

range

Feedback

Refer to curriculum topic: 5.4.2
Criteria used in a validation rule include format, consistency, range, and check digit.

The correct answers are: size, range, format

Question 8

Correct

Mark 2.00 out of 2.00

Flag question

Question text

A user is instructed by a boss to find a better method to secure passwords in transit. The user has researched several means to do so and has settled on using HMAC. What are the key elements needed to implement HMAC?

Select one:

symmetric key and asymmetric key

IPsec and checksum

message digest and asymmetric key

secret key and message digest

Feedback

Refer to curriculum topic: 5.1.3
HMAC implementation is a secret key added to a hash.

The correct answer is: secret key and message digest

Question 9

Correct

Mark 2.00 out of 2.00

Flag question

Question text

A user has created a new program and wants to distribute it to everyone in the company. The user wants to ensure that when the program is downloaded that the program is not changed while in transit. What can the user do to ensure that the program is not changed when downloaded?

Select one:

Encrypt the program and require a password after it is downloaded.

Turn off antivirus on all the computers.

Create a hash of the program file that can be used to verify the integrity of the file after it is downloaded.

Distribute the program on a thumb drive.

Install the program on individual computers.

Feedback

Refer to curriculum topic: 5.1.1
Hashing is a method to ensure integrity and ensures that the data is not changed.

The correct answer is: Create a hash of the program file that can be used to verify the integrity of the file after it is downloaded.

Question 10

Correct

Mark 2.00 out of 2.00

Flag question

Question text

A user is the database administrator for a company. The user has been asked to implement an integrity rule that states every table ​must have a primary key and that the column or columns chosen to be the primary key must be unique and not null. Which integrity requirement is the user implementing?

Select one:

referential integrity

entity integrity

domain integrity

anomaly integrity

Feedback

Refer to curriculum topic: 5.4.1
There are three major database integrity requirements: entity, referential, and domain integrity.

The correct answer is: entity integrity

Question 11

Correct

Mark 2.00 out of 2.00

Flag question

Question text

An investigator finds a USB drive at a crime scene and wants to present it as evidence in court. The investigator takes the USB drive and creates a forensic image of it and takes a hash of both the original USB device and the image that was created. What is the investigator attempting to prove about the USB drive when the evidence is submitted in court?

Select one:

The data in the image is an exact copy and nothing has been altered by the process.

An exact copy cannot be made of a device.

The investigator found a USB drive and was able to make a copy of it.

The data is all there.

Feedback

Refer to curriculum topic: 5.1.1
A hash function ensures the integrity of a program, file, or device.

The correct answer is: The data in the image is an exact copy and nothing has been altered by the process.

Question 12

Correct

Mark 2.00 out of 2.00

Flag question

Question text

A user has been asked to implement IPsec for inbound external connections. The user plans to use SHA-1 as part of the implementation. The user wants to ensure the integrity and authenticity of the connection. What security tool can the user use?

Select one:

SHA256

MD5

ISAKMP

HMAC

Feedback

Refer to curriculum topic: 5.1.3
HMAC provides the additional feature of a secret key to ensure integrity and authentication.​

The correct answer is: HMAC

Question 13

Incorrect

Mark 0.00 out of 2.00

Flag question

Question text

What is the standard for a public key infrastructure to manage digital certificates?

Select one:

x.503

NIST-SP800

x.509

PKI

Feedback

Refer to curriculum topic: 5.3.2
The x.509 standard is for a PKI infrastructure and x.500 if for directory structures.​

The correct answer is: x.509

Question 14

Correct

Mark 2.00 out of 2.00

Flag question

Question text

What is the purpose of CSPRNG?

Select one:

to generate salt

to process hash lookups

to prevent a computer from being a zombie

to secure a web site

Feedback

Refer to curriculum topic: 5.1.2
Salting prevents someone from using a dictionary attack to guess a password. Cryptographically Secure Pseudo-Random Number Generator (CSPRNG) is one way (and the best way) to generate salt.

The correct answer is: to generate salt

Question 15

Correct

Mark 2.00 out of 2.00

Flag question

Question text

What is a strength of using a hashing function?

Select one:

It is not commonly used in security.

It can take only a fixed length message.

It has a variable length output.

It is a one-way function and not reversible.

Two different files can be created that have the same output.

Feedback

Refer to curriculum topic: 5.1.1
Understanding the properties of a hash function shows its applicability such as one-way function, arbitrary input length, and fixed output.

The correct answer is: It is a one-way function and not reversible.

Question 16

Correct

Mark 2.00 out of 2.00

Flag question

Question text

A recent breach at a company was traced to the ability of a hacker to access the corporate database through the company website by using malformed data in the login form. What is the problem with the company website?

Select one:

weak encryption

lack of operating system patching

poor input validation

bad usernames

Feedback

Refer to curriculum topic: 5.4.2
The ability to pass malformed data through a website is a form of poor input validation.

The correct answer is: poor input validation

Question 17

Correct

Mark 2.00 out of 2.00

Flag question

Question text

What are three NIST-approved digital signature algorithms? (Choose three.)

Select one or more:

DSA

SHA256

MD5

SHA1

ECDSA

RSA

Feedback

Refer to curriculum topic: 5.2.2
NIST chooses approved algorithms based on public key techniques and ECC. The digital signature algorithms approved are DSA, RSA, and ECDSA.

The correct answers are: DSA, RSA, ECDSA

Question 18

Correct

Mark 2.00 out of 2.00

Flag question

Question text

A recent email sent throughout the company stated that there would be a change in security policy. The security officer who was presumed to have sent the message stated the message was not sent from the security office and the company may be a victim of a spoofed email. What could have been added to the message to ensure the message actually came from the person?

Select one:

digital signature

non-repudiation

asymmetric key

hashing

Feedback

Refer to curriculum topic: 5.2.1
Digital signatures ensures non-repudiation or the ability not to deny that a specific person sent a message.

The correct answer is: digital signature

Question 19

Correct

Mark 2.00 out of 2.00

Flag question

Question text

A user downloads an updated driver for a video card from a website. A warning message pops up saying the driver is not approved. What does this piece of software lack?

Select one:

source code

code recognition

valid ID

digital signature

Feedback

Refer to curriculum topic: 5.2.2
Code signing is a method of verifying code integrity

The correct answer is: digital signature

Question 20

Correct

Mark 2.00 out of 2.00

Flag question

Question text

A user is evaluating the security infrastructure of a company and notices that some authentication systems are not using best practices when it comes to storing passwords. The user is able to crack passwords very fast and access sensitive data. The user wants to present a recommendation to the company on the proper implementation of salting to avoid password cracking techniques. What are three best practices in implementing salting? (Choose three.)

Select one or more:

A salt must be unique.

A salt should be unique for each password.

The same salt should be used for each password.

Salts should be short.

Salts are not an effective best practice.

A salt should not be reused.

Feedback

Refer to curriculum topic: 5.1.2
Salting needs to be unique and not reused. Doing the opposite will cause passwords to be cracked easily.

The correct answers are: A salt should be unique for each password., A salt should not be reused., A salt must be unique.